Proper study guides for Most recent Fortinet Fortinet Network Security Expert 5 Written Exam (500) certified begins with Fortinet NSE5 preparation products which designed to deliver the Practical NSE5 questions by making you pass the NSE5 test at your first time. Try the free NSE5 demo right now.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Fortinet NSE5 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE5 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/NSE5-exam-dumps.html
Q71. - (Topic 2)
Two FortiGate devices fail to form an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of 'show system ha' for the STUDENT device. Exhibit B shows the command output of 'show system ha' for the REMOTE device.
Exhibit A:
Exhibit B
Which one of the following is the most likely reason that the cluster fails to form?
A. Password
B. HA mode
C. Hearbeat
D. Override
Answer: B
Q72. - (Topic 3)
An administrator is configuring a DLP rule for FTP traffic. When adding the rule to a DLP sensor,
the administrator notes that the Ban Sender action is not available (greyed-out), as shown in the exhibit.
Which of the following is the best explanation for the Ban Sender action NOT being available?
A. The Ban Sender action is never available for FTP traffic.
B. The Ban Sender action needs to be enabled globally for FTP traffic on the FortiGate unit before configuring the sensor.
C. Firewall policy authentication is required before the Ban Sender action becomes available.
D. The Ban Sender action is only available for known domains. No domains have yet been added to the domain list.
Answer: A
Q73. - (Topic 3)
Which of the following DLP actions will override any other action?
A. Exempt
B. Quarantine Interface
C. Block
D. None
Answer: A
Q74. - (Topic 1)
The default administrator profile that is assigned to the default "admin" user on a FortGate device is:____________________.
A. trusted-admin
B. super_admin
C. super_user
D. admin
E. fortinet-root
Answer: B
Q75. - (Topic 3)
When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit.
Which of the following statements is correct regarding this entry?
A. The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule.
B. The entry displays a ban that was triggered by HTTP traffic matching an IPS signature.
This client is banned from receiving or sending any traffic through the FortiGate.
C. The entry displays a quarantine, which could have been added by either IPS or DLP.
D. This entry displays a ban entry that was added manually by the administrator on June11th.
Answer: A
Q76. - (Topic 2)
FSSO provides a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory.
Which of the following statements are correct regarding FSSO in a Windows domain environment when NTLM and Polling Mode are not used? (Select all that apply.)
A. An FSSO Collector Agent must be installed on every domain controller.
B. An FSSO Domain Controller Agent must be installed on every domain controller.
C. The FSSO Domain Controller Agent will regularly update user logon information on the FortiGate unit.
D. The FSSO Collector Agent will retrieve user information from the Domain Controller Agent and will send the user logon information to the FortiGate unit.
E. For non-domain computers, the only way to allow FSSO authentication is to install an FSSO client.
Answer: B,D
Q77. - (Topic 1)
Which of the following network protocols can be used to access a FortiGate unit as an administrator?
A. HTTPS, HTTP, SSH, TELNET, PING, SNMP
B. FTP, HTTPS, NNTP, TCP, WINS
C. HTTP, NNTP, SMTP, DHCP
D. Telnet, FTP, RLOGIN, HTTP, HTTPS, DDNS
E. Telnet, UDP, NNTP, SMTP
Answer: A
Q78. - (Topic 3)
Which of the following Session TTL values will take precedence?
A. Session TTL specified at the system level for that port number
B. Session TTL specified in the matching firewall policy
C. Session TTL dictated by the application control list associated with the matching firewall policy
D. The default session TTL specified at the system level
Answer: C
Q79. - (Topic 1)
Which statement is correct regarding virus scanning on a FortiGate unit?
A. Virus scanning is enabled by default.
B. Fortinet Customer Support enables virus scanning remotely for you.
C. Virus scanning must be enabled in a UTM security profile and the UTM security profile must be assigned to a firewall policy.
D. Enabling virus scanning in a UTM security profile enables virus scanning for all traffic flowing through the FortiGate device.
Answer: C
Q80. - (Topic 1)
Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?
A. TCP connection
B. File attachments
C. Message headers
D. Message body
Answer: A
